From ab51ae9091ffd328912a97eb33c1baeafd2b43e4 Mon Sep 17 00:00:00 2001
From: sabaimran
Date: Tue, 9 Apr 2024 10:18:12 +0530
Subject: [PATCH] Use SECURE_SSL_REDIRECT to ensure requests are routed to https always
---
 src/khoj/app/settings.py | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/src/khoj/app/settings.py b/src/khoj/app/settings.py
index ce6b4eca..8358c362 100644
--- a/src/khoj/app/settings.py
+++ b/src/khoj/app/settings.py
@@ -45,9 +45,11 @@ if DEBUG or os.getenv("KHOJ_DOMAIN") == None:
 SESSION_COOKIE_DOMAIN = "localhost"
 CSRF_COOKIE_DOMAIN = "localhost"
 else:
+ # Production Settings
 SESSION_COOKIE_DOMAIN = KHOJ_DOMAIN
 CSRF_COOKIE_DOMAIN = KHOJ_DOMAIN
 SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTOCOL", "https")
+ SECURE_SSL_REDIRECT = True
 SESSION_COOKIE_SECURE = True
 CSRF_COOKIE_SECURE = True
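Review bot: The added `SECURE_SSL_REDIRECT = True` makes the redirect decision depend on `request.is_secure()`, which behind a proxy is driven entirely by the `SECURE_PROXY_SSL_HEADER` line just above it, and that line trusts `X-Forwarded-Protocol` rather than the more common `X-Forwarded-Proto`. If the deployment's proxy does not set that exact header on HTTPS traffic, every request will look insecure and be redirected in a loop; if the proxy does not strip it from client requests, a client can supply it to skip the redirect. I would document the requirement next to the setting, e.g. `# Proxy must set X-Forwarded-Protocol: https on TLS requests and strip it from client input, else this loops or can be bypassed`, and consider adding `SECURE_HSTS_SECONDS` so browsers stop making the first plain-HTTP request. The redirect is applied by Django's SecurityMiddleware, so it presumably covers only routes served through Django's middleware stack (not visible here); the `if`/`else` block starts above the hunk and may continue below it.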